The website for the Civil Defense was hacked on Tuesday, displaying an image of the Syrian flag and calling for the fair treatment of Syrians in Lebanon, along with a message for Prime Minister Saad Hariri. The hackers identified themselves as “Wolftartous and Nightmare,” signing their message as “Federal Russian Union”. Hariri told An-Nahar newspaper earlier this month that shaking hands with Syrian President Bashar Assad was one of the hardest moments in his life, saying it would never happen again. Last month, the website of Beirut’s Rafik Hariri International Airport and the Energy Ministry’s were also hacked. Although it wasn’t clear who had hacked the airport’s website, the Energy Ministry’s website was hacked by a Syrian group condemning the death of Syrian teen named as Ahmad al-Zoubi.
Two errors involving paper records were behind two breach notifications this week, while ransomware continues to hit the healthcare sector.
The Center for Vitreo-Retinal Diseases in Illinois recently notified that 20,371 patients data’s like names, DOB’s, insurance information, Health data, addresses and phone numbers were breached in September 18, due to unauthorized access. The attack type is identified as ransomware. The incident commenced on Dec 6, 2018. Post investigation, it’s was evident
whether hackers accessed the viewed data. As a wakefulness initiative, officials said that preventive steps are taken to thwart any such incidents further.Similarly, another breachoccurred in the San Mateo Medical Center with more than 5000 patient records being breached due to a female staff whom failed to clean the patient box records.According to SMMC officials, Further, the usage of bins have been eliminated by the officials to prevent hazards. Officials conducted two clinic site visits on November 8 and 16th, where “clinic manager for Daly City instructed that recycling bins no longer be used and confidential information be immediately placed in a confidential shred bin.”Healthcare sector has been affected by mailing errors in recent years. Recently, Samba a federal benefit association informed 14,000 patients as IRS tax forms were sent to wrong recipients. Later, Orthopaedic and sports medicine practices network notified Texas Physicians and Surgeons about the 2172 patients of a mailing error that breached their personal data’s.
Prime Minister Hun Sen’s official Facebook page was hacked on Monday, with analysts saying a post threatening to shut down the social media platform in Cambodia which was designed to portray him in a negative light. Duong Dara, the one managing Fb account of Hun Sen said that “Hackers erased posts which were familiar among people and this isn’t the 1st time of such incident”.Ministry of Interior spokesperson Phat Sophanit said that the issue is investigated by the technical authorities. A Facebook user said named as Kea wrote “Too much selfish and Cambodia isn’t the absolute property of your family”. Another one named as “Assembly” slammed Hun Sen for trying to shut FB completely in Cambodia due to his hacked issue.
Advanced Care Hospitalists contracted with an individual claiming to be part of Doctor’s First Choice Billings in 2011, but never entered into a business associate agreement as required by HIPAA.
The office of civil rights for multiple HIPAA compliance failures fined the Florida based advanced care Hospitals (ACH) by a whooping sum of $500,000 on December 4, 2018 for sharing protected information with unknown vendor.ACH was contacted by a local hospital on Feb11, 2014 and informed officials that 8,855 patient data’s like names, DOB’s, social security numbers were viewable on a website named as First Choice website. OCR launched its own investigation into ACH to see what happened and found that ACH never entered into a business agreement with first choice under HIPAA and also failed in adopting a business associate policy until 2014. Also, no security measures, written HIPAA policies or procedures prior to 2014 were implemented. Under HIPAA, thorough routine risk analysis on potential risks and vulnerabilities must be done for all the covered entities and business associates. “This case is especially troubling because the practice allowed the names and social security numbers of thousands of its patients to be exposed on the internet after it failed to follow basic security requirements under HIPAA,” OCR Director Roger Severino reported in a statement. Further, ACH needs to instate HIPAA-compliant policies and procedures.“As part of this process, ACH shall develop a complete inventory of all electronic equipment, data systems, and applications that contain or store ePHI which will then be incorporated in its risk analysis,” according to the agreement. OCR will analyse the analysis and the findings will be approved or disapproved by the officials.This isn’t the first but the second OCR settlement in the past month. $125,000 was settle by Allergy associates with OCR for THE impermissible disclosure of patient data due to “reckless disregard for the patients privacy rights”.
Coun Alan Smith made the claims after a “golliwog” post appeared online under his name although he has strictly refused on sharing the racially-charged caricature. This isn’t the 1st time his account is shared. Mr Smith now deleted his social media account after acknowledging his account got hacked. With 2 months down the timeline for council elections, he denied the fact that it was done with selfish political motives. During the recent meeting of Cockermouth Town Council, Mr. Smith portrayed social media as “Dynamite”. The Golliwog post was shared on the official account of Mr. Smith on 20th February and was simultaneously deleted on the same day as well
Thundermist Health Center was hit by a ransomware attack on Thursday, cancelling appointments that would impact patient safety without EMR access.
Ransomware attack has once again struck the Thundermist Health center that is in Rhode island on the early Thursday, impacting some patient care on 3rd December 2018. Rhode Island State Police and Rhode Island Department of Health have joined with the officials and expect access to be fully restored by the weekend. This is the second attack in the last two weeks for the healthcare sector. East Ohio regional Hospital and Ohio Valley medical Center interrupted their emergency care services due to cyberattack and those patients were sent to the adjacent hospital. Proofpoint researches have stated that healthcare sector is highly affected ransomware, despite the declination in attack quantity. However, SamSam kind of ransomware is able to execute its malicious deed without human interaction through brute forcing on remote desktop protocol. The Department of Health and Human services, the FBI and security researchers insist organizations to maintain backups for restoring files and in returning back to normal positions. Payment of ransom for “ransomware manumit” should be prohibited.
Medical files of 15,000 patients at Cabrini hospital were hacked. To regain them, ransom was forced through cryptocurrency. Due to this, the Melbourne Heart Group couldn’t monitor patients data. Suspects are believed to be from North Korea or Russia. However, origin of attacks isn’t disclosed. Patients have complained that their files and appointment times had lost in vain. The Australian Cyber Security Centre informed that they are facilitating the hospital with cybersecurity awareness. A Melbourne Heart Group spokeswoman said that they are working with government agencies to set things right. She emphasized the necessity of data protection and also informed that patients data aren’t compromised, as of now. But there wasn’t disclosure of ransom, paid or not. The healthcare care domain has become the primary target for hackers, since the payment of $17,000 bitcoin by Hollywood Presbyterian Hospital, situated in Los Angeles whose computer networks were seized by hackers.
A Cancer Treatment Centers of America employee fell victim to a targeted phishing email in May, providing the hacker with their network credentials.
Cancer treatment Centers of America at western regional medical center informed about 41,948 patients of their personal data breach on December 4th 2018 due to an illegitimate email being responded back by an employee on September 26th with its origin from a CTCA executive.The breached data’s contained patient information like names, addresses, sensitive data’s like the medical record number, facility visited, treatment date, physician name, cancer type and or health data. Social Security numbers were also included in the breached data list. Post investigation, the types of information seen and influenced by the hackers were unable to be figured out by the forensic team.Post the incident, CTCA notified all the impacted patients and provided free credit monitoring and identity services for people whose Social Security number was involved. Further indoctrination of how to identity rogue emails were also facilitated by the Officials.These phishing attacks have been proliferating throughout 2018. Last week, Georgia Spine and Orthopaedics of Atlanta notified 7000 patients of a breach due to a phishing attack on employee account. Similarly, new York Oncology hematology notified 128,000 patients last month of a breach caused by 15 employees whom fell prey to the phishing traps in April.
Toyota car manufacturer on their Australian base faced a cyber attack as its email accounts couldn’t be accessed. The Australian Toyota servers were hacked recently and the reasons for this attack remain unknown. Through a statement, Toyota Australia made clear that “No evidence of employee data compromise is found. We don’t have further details of the incident.” The affected employees aren’t able to continue with their work due to this adversity. As an alternative, they have received updates from Toyota’s network security team. This incident aids a significant part to the growing count of cyber breaches in Australian territory. With utmost regret, the customer service has placed
a notice of “Under maintenance and we apologize for this inconvenience”. cyber security experts accept the fact that the breach can be caused due to many reasons like greedy financial aspirations, exploitations of users data, or an espionage campaign.
Oracle says that more than 10 GB of data could be consumed in your phone by downloading hidden vids. The database vendor says that DrainerBot uses corrupted code on Android devices to deliver deceiving invisible video ads. Corrupted apps take “significant bandwidth and battery”, says Big Red. The discovery were done by Oracle’s team in two named as oracle’s fairy recent acquisitions-ad tracking biz and internet infrastructure outfit Dyn. Corrupted apps which is said to be eliminated from google play store is said to reappear as augmented reality like beauty app perfect 365, sketching out the characters of clash of clans, Touch ‘n’ beat (musical app) and many have been downloaded innocently by users throughout the globe. Once these are downloaded, a code update invokes new functions along with fraudulent ad videos. These don’t appear on-screen but lurk, surreptitiously. Apart from this, these apps are instigating false ad opinions like reporting to the ad network but actually, not. Ad fraud isn’t a stranger but Oracle says this kind is something beyond danger.
On 13th February, Times of Malta reported the Bank of Valletta terminated all its operations due to a cyber breach that costed 13 million Euros. With regards to this, the country’s Prime Minister said the swindling transactions had been traced. Bank promised its customers that none of their accounts are compromised. Despite assurance from Government and bank officials, customers payments weren’t processed. Also, their businesses faced negative impacts. And while Bank of Valletta might actually solve its issues, the question remains – when?
Saudi Arabia’s largest oil producer who was tormented by Shamoon- one of the most destructive malware now targeted energy sectors primarily operating in the Middle East.
Saudi Arabia’s largest oil producer who was tormented by Shamoon- one of the most destructive malware families in 2012 has now targeted energy sectors primarily operating in the Middle East. Prior this week, Saipem-an Italian oil drilling company was attacked and about 10% of servers were destroyed, especially in the Middle East that includes Saudi Arabia, UAE, Kuwait, India and also in Scotland. Saipem admitted on Wednesday that virus used for latest cyberattack is a variant Shamoon-a disk wiping malware was being used against Saudi Aramco and RasGasco Ltd and destroyed data’s on more than 30,000 systems. The recent attack against Saipem made more than 300 servers and 100 personal computers to go haywire among 4000 machines. The company pacified the people saying that they had backed up the data’s and so contingencies for data loss is not possible.Shamoon alias Disttrack functions by disabling systems and by overwriting key computer files that includes Master boot record (MBR), making it capable for systems to start up. The malware can also easily spread through infected networks using Windows Server message Block (SMB) protocol that is similar to other damaging malware’s like WannaCry and Not-Petya.Shamoon had its inception in 2012. Amongst all these chaos spinning in the heads for many, it is still unclear that who is behind its arise. Suspicions steer towards the Iranian hacking groups like OilRig, R. However, the Iranian Government has firmly refused this baseless allegation.
Presented on December , Repercussions-a new ransomware strain started to target Chinese users and corrupted more than 100,000 systems
Due to supply chain attack on December 1, a new ransomware strain started to target Chinese users and corrupted more than 100,000 systems by encrypting the system files, abducting login credentials of Chinese online services like taobao, Baidu Cloud, NetEase 163, Tencent QQ, Jingdong and Alipay.Velvet security researchers after scrutiny on ransomware determined that the attackers added malicious code and combined with more than 50 poisoned software to be injected into various software’s compiled with it. Further, it also tracks the software details installed on the victim’s computer. The following data’s were procured from the Victim machines. They are cited below: System version information, current system login username, system login time CPU model, Screen resolution, IP and broadband provider name, Software installation information.Security software process information, Online shopping account login information, email login information, QQ number login information, network disk login information, etc.Ransomware authors order victims to make payments through Bitcoins but in this scenario, payment was levied to be paid through WeChat payment app. Ransomware operators demand victims to imbue a sum of 110 yuan (app $16).
Presented on December Repercussions-500 Million Marriott Guest Records Stolen in Starwood Data Breach
327 million records containing guest’s names, postal address, phone number, DOB, gender, email address, passport number, starwood’s rewards information, arrival and departureinformation, reservation date and communication preferences was breached. During forensic investigation on November 19th, they decrypted the database and figured out that the breach is from Starwood Hotels database. The cause of this is due to unauthorized access to database on Sept10, 2014. Marriott learned during the investigation that there had been unauthorized access to the Starwood network since 2014, and also said that an unauthorized party has copied and encrypted information, and took steps towards removing it.” Starwood said that unknown number of databases contained encrypted credit card data but hasn’t been able to rule out the contents needed to decrypt the data. “Marriott reported this incident to law enforcement and continues to support their investigation,” said the statement. The company said that its Marriott hotels are not believed to be affected as its reservation system is “on a different network,” following Marriott’s acquisition of Starwood in 2016. The firm started to notify customers of the breach to people across U.S, Canada and U.K. 4% of financial penalties maybe faced by Starwood if found to be in the breach rules, under the European wide GDPR rules.
Ransomware attack has attacked the information technology systems of Olympia Financial Group on 2nd Feb, 2019. Investigations reveal that the information have been encrypted. Status of other customer data are unavailable. But measures are taken to call and remedy the affected Person’s needs. Olympia instantly implemented countermeasures to stop further infection in accordance with Olympia’s established cyber security policies that have been developed and implemented in consultation with industry leading cyber security specialists. Olympia has also contacted the RCMP cyber crime division with respect to this attack and has enlisted help from several malware response and recovery industry specialists.
Presented on december 2018, Dell Resets All Customers Passwords After Potential Security Breach
Dell- A Multinational computer technology disclosed on Wednesday that its online electronics marketplace faced an unfortunate “cybersecurity incident” when an unknown mass of hackers penetrated into the internal network which was later found out by Dell on November 9th. The initial investigation according to the company found no lucid evidence of hackers
triumphing in stealing any information. As a wakefulness measure, Dell reset its passwords for all accounts on its website Dell.com, irrespective of the fact whether the data was pilfered or not.Dell never shared the information’s on how hackers penetrated their networks and how much accounts were affected. The company confirmed that payment information, Social Security numbers, Credit card, sensitive information’s and Dell products/services weren’t targeted. If any account has been created on dell website for purchasing products, then contingencies for those data’s to get corrupted are evident."Upon detection of the attempted extraction, Dell immediately implemented countermeasures and initiated an investigation. Dell also retained a digital forensics firm to conduct an independent investigation and has engaged law enforcement," the company said.
US restaurant chain Huddle House announced a possible malware attack on its point of sale (POS) systems. The cyber-attack is believed to have compromised many number of systems at corporate and franchised locations, after a third-party POS system was targeted. Stolen data includes credit/debit card numbers, cardholder names, expiration dates, and other information. Customers who visited Huddle House locations from August 1, 2017, to February 1, 2019, also could have been affected. Customers are advised to check their bank accounts and report any suspicious activity to their local law enforcement, if detected. They are also advised to use free credit monitoring services
and freeze their accounts, if they think they may have been impacted. Huddle House, based in Atlanta, Georgia, has 339 restaurants across 39 states. A spokeswoman for Huddle House said they do not know how many locations have been infected with malware. She added: “The investigation is still ongoing.”
Presented onDecember 2018, Repercussions-100 Million Users Data Stolen
Quora- world’s most familiar Q&A site suffered a humongous data breach due to hackers gaining access to potentially sensitive personal information comprising the data’s of 100 million users. Adam D Angelo, CEO and Co-founder of Quora, the personal user information compromised in the breach includes: Account information, such as names, email addresses, encrypted (hashed) passwords, and data imported from linked social networks like Facebook and Twitter when authorized by users.Public content and actions, like questions, answers, comments, and upvotes. Non-public content and actions, including answer requests, downvotes, direct and messages (note that a low percentage of Quora users have sent or received such messages) Quora said it stores salted and hashed passwords to thwart them from cracking, but as a precautious awareness, the company has logged all compromised users out of their Quora accounts, and are urging them to reset their password. Quora said it’s still investigating the breach and promised its users that it is working swiftly to "take the appropriate steps to prevent such incidents in the future." Quora's data breach news is the newest in a sequence of high-profile hacks.
Presented on december 2018, Repercussions-Hacked 50,000 Printers to Promote PewDiePie YouTube Channel
The clash for the "most-subscribed Youtube channel" crown between T-Series and PewDiePie took an exciting turn after a hacker yesterday hijacked more than 50,000 internet-connected printers globally to print out flyers requesting all people to subscribe “PewDiePie” YouTube channel, a Bollywood record label T-series with 72.5 million YouTube subscribers. PewDiePie, whose pristine name is Felix Kjellberg, is a highly familiar YouTuber from Sweden, who is specially known for his game commentary and pranks. He has also had the most subscribers on YouTube, ever since 2013. With the Twitter username as “TheHackerGiraffe”, an anonymous hacker emerge with a Hacking driven notion by scanning the list of vulnerable printers, with 9100 ports being open through the scan of Shodan for spewing out a message articulating as ““PewDiePie is in trouble, and he needs your help to defeat T-Series!” . Obviously, post the message display, the hacked victims were pressured to unsubscribe from T-series channel and immediately subscribed to PewDiePie, without procrastination. tter,” the hacker tweeted. Honestly speaking from the atrium of my heart, trust me as even your fax number is more than sufficient for hackers to infiltrate into your data’s and take complete control over the printer and even penetrate the remaining part of the networks connected to it. Indeed, the space between the two epic channels is seeking a confrontation as the intriguing battle is about to halt. Let’s see if PewDiePie can win the prestigious tiara of being the “Most followed YouTube channel”.
VFEmail, an email service provider which delivered services since 2001, faced a devastatingcyber blow. The US users servers with any data were completely washed out by cyber attackers. It seems like even the company’s backup servers have been annulled. It was believed that all the VM’s were lost. Ironically, not all VM shared the same authentication, yet all were destroyed. However, VFEmail told that their employees are toiling hard to replenish an efficient and more secure server. Company informed users to be away from sending emails, due to delivery mechanism disabled. For paid users, this wasn't an issue.